It was discovered that the abrt-dbus D-Bus service does not properly
check the validity of the problem directory argument in the
ChownProblemDir, DeleteElement, and DeleteProblem methods. A local
attacker could use this flaw take ownership of arbitrary files and
directories, or to delete files and directories as the root user.
This issue was discovered by Florian Weimer of Red Hat Product Security.
These upstream commits fix this cve:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2015:1083 https://rhn.redhat.com/errata/RHSA-2015-1083.html